by friendzis
3914 days ago
This way, the connection to the origin server is still a SPoF without the ability to access ephemeral content.
I think it would be a better (is it even in the realm of possibility?) alternative to do it the other way around: embed secure content inside a Content Addressable Network (CAN).
With Content Address you automagically get verification that at least the bank URI is intact. On top of that, CAN could aid in verifying root CA/server key pairs, increasing TLS security. Well, at least for the duration of certificate validity.
CRLs are again another story confirming that CANs, contrary to centralized ones (unless you are getting MITMed), have no way of indicating whether the content in question is current.
On top of that, if the majority of Alice's direct peers are Malicious Mallorys, they have pretty good chances of convincing the network that Alice herself is acting maliciously and content updates from her are not to be trusted. Oversaturated example: presidential elections with a 49.9%/50.1% vote distribution.